Access internal CERN site via ssh proxy
First you would setup the dynamic port forwarding with the default SOCKS port:
ssh -C -D *:1080 lxplus
The -D option specifies dynamic port forwarding. 1080 is the standard SOCKS port, and *: indicates to listen in all the interfaces (not only 127.0.0.1) . -C enables compression, which speeds the tunnel up.
Next you would tell Firefox to use your proxy:
- go to Edit -> Preferences -> Advanced -> Network -> Connection -> Settings...
- check "Manual proxy configuration"
- make sure "Use this proxy server for all protocols" is cleared
- clear "HTTP Proxy", "SSL Proxy", "FTP Proxy", and "Gopher Proxy" fields
- enter "127.0.0.1" for "SOCKS Host"
- enter "1080" for Port.
You can also set Firefox to use the DNS through that proxy, so even your DNS lookups are secure:
- Type in about:config in the Firefox address bar
- Find the key called "network.proxy.socks_remote_dns" and set it to true
Another option is to configure socks proxy for the whole network (Mac OS X):
The SOCKS proxy will stop working when you close your SSH session.